Update config.yml #65
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Project Compliance Check | ||
| permissions: | ||
| contents: read | ||
| on: | ||
| push: | ||
| branches: [main, "📦Current"] | ||
| pull_request: | ||
| branches: [main, "📦Current"] | ||
| permissions: | ||
| contents: read | ||
| pull-requests: read | ||
| jobs: | ||
| compliance: | ||
| name: Code Compliance and Structure | ||
| runs-on: windows-latest | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - name: Check PowerShell Version | ||
| shell: pwsh | ||
| run: | | ||
| $PSVersion = $PSVersionTable.PSVersion | ||
| Write-Host "PowerShell Version: $PSVersion" | ||
| if ($PSVersion -lt [Version]"5.1") { | ||
| throw "PowerShell version must be 5.1 or higher" | ||
| } | ||
| - name: Test Script Syntax | ||
| shell: pwsh | ||
| run: | | ||
| $scripts = Get-ChildItem -Path . -Filter *.ps1 -Recurse -Exclude @('*.test.ps1', '*test*.ps1') | ||
| $errors = @() | ||
| foreach ($script in $scripts) { | ||
| $parseErrors = $null | ||
| $null = [System.Management.Automation.PSParser]::Tokenize((Get-Content $script.FullName -Raw), [ref]$parseErrors) | ||
| if ($parseErrors.Count -gt 0) { | ||
| $errors += "$($script.FullName): $($parseErrors | ConvertTo-Json -Compress)" | ||
| } | ||
| } | ||
| if ($errors.Count -gt 0) { | ||
| throw "Syntax errors found:`n$($errors -join "`n")" | ||
| } | ||
| Write-Host "[OK] All scripts have valid syntax" | ||
| - name: Check for Admin Rights | ||
| shell: pwsh | ||
| run: | | ||
| $isAdmin = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator) | ||
| if (-not $isAdmin) { | ||
| Write-Host "Running without admin rights (expected in CI environment)" | ||
| } | ||
| - name: Check for Required Files | ||
| shell: pwsh | ||
| run: | | ||
| $required = @( | ||
| 'windowstelemetryblocker.ps1', | ||
| 'run.bat', | ||
| 'modules/common.ps1', | ||
| 'modules/telemetry.ps1', | ||
| 'modules/services.ps1', | ||
| 'modules/apps.ps1', | ||
| 'modules/misc.ps1', | ||
| 'modules/telemetry-rollback.ps1', | ||
| 'modules/services-rollback.ps1', | ||
| 'modules/apps-rollback.ps1', | ||
| 'modules/misc-rollback.ps1' | ||
| ) | ||
| $missing = @() | ||
| foreach ($file in $required) { | ||
| if (-not (Test-Path $file)) { | ||
| $missing += $file | ||
| } | ||
| } | ||
| if ($missing.Count -gt 0) { | ||
| throw "Required files missing: $($missing -join ', ')" | ||
| } | ||
| Write-Host "[OK] All required files present" | ||
| - name: Check Modules Dot-Source Common | ||
| shell: pwsh | ||
| run: | | ||
| $modules = Get-ChildItem modules -Filter *.ps1 | Where-Object { $_.Name -notlike '*rollback.ps1' -and $_.Name -ne 'common.ps1' } | ||
| $errors = @() | ||
| foreach ($mod in $modules) { | ||
| $content = Get-Content $mod.FullName -Raw | ||
| # Allow for single/double quotes, optional whitespace | ||
| if ($content -notmatch '(?m)^\s*\.\s+["'']\$PSScriptRoot/common.ps1["'']') { | ||
| $errors += "$($mod.Name) does not dot-source common.ps1" | ||
| } | ||
| } | ||
| if ($errors.Count -gt 0) { | ||
| throw "Module errors:`n$($errors -join "`n")" | ||
| } | ||
| Write-Host "[OK] All modules properly dot-source common.ps1" | ||
| - name: Check Rollback Scripts for Each Module | ||
| shell: pwsh | ||
| run: | | ||
| $mainModules = @('services','telemetry','apps','misc') | ||
| $missing = @() | ||
| foreach ($mod in $mainModules) { | ||
| $rollback = "modules/$mod-rollback.ps1" | ||
| if (-not (Test-Path $rollback)) { | ||
| $missing += $rollback | ||
| } | ||
| } | ||
| if ($missing.Count -gt 0) { | ||
| throw "Missing rollback scripts: $($missing -join ', ')" | ||
| } | ||
| Write-Host "[OK] All rollback scripts present" | ||
| - name: Check Code Organization (Regions) | ||
| shell: pwsh | ||
| run: | | ||
| $main = Get-Content windowstelemetryblocker.ps1 -Raw | ||
| $requiredRegions = @( | ||
| 'region Parameters', | ||
| 'region Global State', | ||
| 'region Logging Functions', | ||
| 'region Safety Barrier Functions', | ||
| 'region Module Execution' | ||
| ) | ||
| $missing = @() | ||
| foreach ($region in $requiredRegions) { | ||
| if ($main -notmatch $region) { | ||
| $missing += $region | ||
| } | ||
| } | ||
| if ($missing.Count -gt 0) { | ||
| throw "Missing required regions in main script: $($missing -join ', ')" | ||
| } | ||
| Write-Host "[OK] Main script properly organized with regions" | ||
| # Check modules have regions too | ||
| $modules = Get-ChildItem modules -Filter *.ps1 | Where-Object { $_.Name -ne 'common.ps1' } | ||
| $unorganized = @() | ||
| foreach ($mod in $modules) { | ||
| $content = Get-Content $mod.FullName -Raw | ||
| if ($content -notmatch 'region') { | ||
| $unorganized += $mod.Name | ||
| } | ||
| } | ||
| if ($unorganized.Count -gt 0) { | ||
| Write-Host "[WARN] Modules without regions (should be organized): $($unorganized -join ', ')" | ||
| } else { | ||
| Write-Host "[OK] All modules properly organized with regions" | ||
| } | ||
| - name: Check README for Enhanced Features | ||
| shell: pwsh | ||
| run: | | ||
| $readme = Get-Content README.md -Raw | ||
| $features = @('dry-run','rollback','dependencies','logging','restore point') | ||
| $missing = @() | ||
| foreach ($feature in $features) { | ||
| if ($readme -notmatch $feature) { | ||
| $missing += $feature | ||
| } | ||
| } | ||
| if ($missing.Count -gt 0) { | ||
| throw "README.md missing features: $($missing -join ', ')" | ||
| } | ||
| Write-Host "[OK] All required features documented in README" | ||
| - name: Check Script Version Banner | ||
| shell: pwsh | ||
| run: | | ||
| $main = Get-Content windowstelemetryblocker.ps1 -Raw | ||
| if ($main -notmatch 'Script Version:') { | ||
| throw "Script version banner missing in windowstelemetryblocker.ps1" | ||
| } | ||
| Write-Host "[OK] Script version banner present" | ||
| - name: Check v1.0 Integration Points | ||
| shell: pwsh | ||
| run: | | ||
| $v1Launcher = "v1.0/launcher.ps1" | ||
| if (Test-Path $v1Launcher) { | ||
| $content = Get-Content $v1Launcher -Raw | ||
| if ($content -notmatch 'Execute-Profile') { | ||
| throw "v1.0 launcher missing Execute-Profile function" | ||
| } | ||
| if ($content -notmatch 'v09ScriptPath') { | ||
| throw "v1.0 launcher not properly integrated with v0.9 script" | ||
| } | ||
| Write-Host "[OK] v1.0 launcher properly integrated" | ||
| } | ||
| - name: Validate Parameter Block Position | ||
| shell: pwsh | ||
| run: | | ||
| $main = Get-Content windowstelemetryblocker.ps1 -Raw | ||
| $lines = $main -split "`n" | ||
| $paramFound = $false | ||
| $codeBeforeParam = $false | ||
| for ($i = 0; $i -lt [Math]::Min(30, $lines.Count); $i++) { | ||
| if ($lines[$i] -match '^\s*param\s*\(') { | ||
| $paramFound = $true | ||
| break | ||
| } | ||
| if ($lines[$i] -match '^\s*\$' -and $lines[$i] -notmatch '^\s*#') { | ||
| $codeBeforeParam = $true | ||
| } | ||
| } | ||
| if (-not $paramFound) { | ||
| throw "param() block not found in first 30 lines" | ||
| } | ||
| if ($codeBeforeParam) { | ||
| throw "Code found before param() block - param must be at the top" | ||
| } | ||
| Write-Host "[OK] Parameter block correctly positioned" | ||
